Klocwork SonarQube Plugin

The Emenda Klocwork SonarQube plugin allows you to import issues detected by the Klocwork advanced inter-procedural, control-flow and data-flow Code Analyzer into the SonarQube dashboard and combine that data with the quality and security data from other sources.

Klocwork & SonarQube

Klocwork is a powerful inter-procedural, control-flow and data-flow static code analysis engine static analysis for C, C++, Java and C# used widely in the safety and security critical industries. Klocwork also provides coverage of many key industry and internationally recognised coding guidelines such as the MISRA guidelines used across a broad range of safety critical systems and the CWE, CERT, DISA STIG and OWASP security standards. Learn more here

SonarQube (formerly just Sonar) is an open source platform for continuous inspection of code quality. In this world of Continuous Integration, Continuous Deployment and now continuous reporting of our development teams’ progress towards our end goals of quality and security, the amount of data and data sources that we are handling for our development operations is growing exponentially. SonarQube offers a great environment in which to combine, collate and filter that data so that the important bits can ‘bubble up’ to the surface!